You have Javascript disabled. While you will be able to browse this site without Javascript, some functionality on this site will not work without it. We strongly recommend enabling Javascript in your browser. This site uses cookies and collects data about visitor behavior for improving user experience, identifying returning visitors, and providing personalized offers. Your continued use of this site indicates your consent to this. See Privacy Policy for details or if you wish to disable cookies.

Your browser does not allow this site to store cookies and other data. Some functionality on this site may not work without them. See Privacy Policy for details on how we would use cookies.

This site uses cookies and collects data about visitor interaction for improving user experience, identifying returning visitors, and providing personalized offers. Your continued use of this site indicates your consent to this. See Privacy Policy for details or if you wish to disable cookies.

ssh-certview-g3

ssh-certview-g3 — certificate viewer

Synopsis

ssh-certview-g3 [options...] file [options...] file ...

Description

The ssh-certview-g3 program is a simple command-line application, capable of decoding and showing X.509 certificates, CRLs, and certification requests. The command output is written to the standard output.

Options

The following options are available:

-h

Displays a short help.

-verbose

Gives more diagnostic output.

-quiet

Gives no diagnostic output.

-auto

The next input file type is auto-detected (default).

-cert

The next input file is a certificate.

-certpair

The next input file is a cross-certificate pair.

-crmf

The next input file is a CRMF certification request.

-req

The next input file is a PKCS #10 certification request.

-crl

The next input file is a CRL.

-prv

The next input file is a private key.

-pkcs12

The next input file is a PKCS#12 package.

-ssh2

The next input file is an SSH2 public key.

-spkac

The next input file is a Netscape-generated SPKAC request.

-noverify

Does not check the validity of the signature on the input certificate.

-autoenc

Determines PEM/DER automatically (default).

-pem

Assumes that the input file is in PEM (ASCII base-64) format. This option allows both actual PEM (with headers and footers), and plain base-64 (without headers and footers). An example of PEM header and footer is shown below:

-----BEGIN CERTIFICATE-----
encoded data
-----END CERTIFICATE-----

-der

Assumes that the input file is in DER format.

-hexl

Assumes that the input file is in Hexl format. (Hexl is a common Unix tool for outputting binary files in a certain hexadecimal representation.)

-skip number

Skips number bytes from the beginning of input before trying to decode. This is useful if the file contains some garbage before the actual contents.

-ldap

Prints names in LDAP order.

-utf8

Prints names in UTF-8.

-latin1

Prints names in ISO-8859-1.

-base10

Outputs big numbers in base-10 (default).

-base16

Outputs big numbers in base-16.

-base64

Outputs big numbers in base-64.

-width number

Sets output width (number characters).

Example

For example, using a certificate downloaded from pki.ssh.com, when the following command is given: